Tag feed

Classic DLL Injection in c++ - Ashbo3n

1d ago · 4 min read · What is DLL Injection? DLL Injection is a specialized technique used to force a running process to load and execute external code by inserting a Dynamic Link Library (DLL) into its virtual address spa

Native Windows Web Requests: A WinHTTP and Rust Integration - Ashbo3n

6d ago · 8 min read · Goal - Our Main goal here is to make our program send POST Request to us every 30 seconds using WinHTTP, this will help us in learning how to handle WinHTTP for future projects such as Custom Implant

Bypassing Windows Defender via stage 0 loader - Ashbo3n

Apr 16 · 15 min read · Goal: To pass windows defender and get a sliver connection back, we will use windows native APIs for this project such as WinHTTP, BCrypt(CNG) and more, We will try to make it simple but effective as

Writing a Reverse Shell in Rust

Apr 8 · 4 min read · We will write a basic Windows Reverse Shell in rust. We will only use std crate for it. First we will attempt to connect to the target's listener using: let remote_addr = "172.16.91.128:4001"; if

SRSatyam Rastogisatyamrastogi.hashnode.dev

Black Hat USA 2026: Critical Exploitation Trends & Attack Surface Evolution

Apr 4 · 6 min read · Originally published on satyamrastogi.com Black Hat USA 2026 revealed critical shifts in attack methodology: AI-assisted vulnerability discovery, supply chain exploitation at scale, and cloud infrastructure compromise techniques. Red teams must adap...

FVFelix Voigtfelix-voigt.de

Part 4: WPA2/3-Mixed Mode (Downgrade & Rogue Access Point)

Apr 3 · 9 min read · 1. Executive Summary Although WPA3 effectively mitigates the offline dictionary attacks that troubled its predecessor, modern enterprise and home network infrastructures still rely on backward compati

FVFelix Voigtfelix-voigt.de

Part 1: Pin-based Attacks on 802.11 (Legacy & WPS)

Apr 3 · 7 min read · 1. Executive Summary It must be stated upfront that in contemporary red teaming engagements, Wi-Fi Protected Setup (WPS) is largely considered a dead attack vector. The Wi-Fi Alliance has deprecated P

FVFelix Voigtfelix-voigt.de

Part 2: WPA2 PMKID (Silent & Clientless Attacks)

Apr 3 · 9 min read · 1. Executive Summary The PMKID attack represents a significant paradigm shift in 802.11 wireless network exploitation. This vector exploits a historical implementation flaw in the IEEE 802.11i Robust

EEEmma Engströmpentesting-dvwa.hashnode.dev

DOM-Based XSS in DVWA

Mar 29 · 14 min read · Introduction This post examines a DOM-based cross-site scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) and demonstrates how it can be exploited to achieve client-side code

EEEmma Engströmpentesting-dvwa.hashnode.dev

Stored XSS in DVWA

Mar 25 · 12 min read · Introduction This post examines a Stored Cross-Site Scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA), and demonstrates how it can be used to achieve persistent client-side c